How to fix CVE-2026-25996?

Within 24 hours: Identify all systems running Inspektor Gadget and assess exposure in your Kubernetes environment. Within 7 days: Apply the available vendor patch to all affected instances and validate functionality post-patch. Within 30 days: Conduct a security audit of cluster access logs to detect any exploitation attempts and review RBAC policies limiting Inspektor Gadget access to authorized personnel only.

Is Kubernetes affected by CVE-2026-25996?

Inspektor Gadget, a Kubernetes monitoring and inspection tool, contains a critical vulnerability (CVSS 9.8) that allows attackers to execute arbitrary commands through unsanitized terminal output.

CVE-2026-25996

CRITICAL

2026-02-12 [email protected]

9.8

CVSS 3.1

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

PoC Detected

Mar 16, 2026 - 18:02 vuln.today

Public exploit code

Patch Released

Mar 16, 2026 - 18:02 nvd

Patch available

Analysis Generated

Mar 12, 2026 - 22:02 vuln.today

CVE Published

Feb 12, 2026 - 21:16 nvd

CRITICAL 9.8

Description

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences. Therefore, a maliciously forged - partially or completely - event payload, coming from an observed container, might inject the escape sequences into the terminal of ig operators, with various effects. The columns output mode is the default when running ig run interactively.

Analysis

String filter bypass in Inspektor Gadget Kubernetes eBPF tooling before fix. Insufficient string escaping enables filter injection. …

Remediation

Within 24 hours: Identify all systems running Inspektor Gadget and assess exposure in your Kubernetes environment. Within 7 days: Apply the available vendor patch to all affected instances and validate functionality post-patch. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

Priority Score

Low Medium High Critical

KEV: 0

EPSS: +0.1

CVSS: +49

POC: +20

Vendor Status

CVE-2026-25996 vulnerability details – vuln.today

Back

CVE-2026-25996

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Analysis

Full analysis requires sign-in

Priority Score

Vendor Status

Share

CVE-2026-25996

CVSS Vector

Lifecycle Timeline

Tags

Description

Analysis

Remediation

Full analysis requires sign-in

Priority Score

Vendor Status

Share

External POC / Exploit Code